[midPoint-git] [Evolveum/connector-scimrest] 38b078: Introduce HttpRequestDTO and HttpRequestConverter ...

Mon Apr 27 12:10:56 CEST 2026

  Branch: refs/heads/feature/basic-jwt-authorization
  Home:   https://github.com/Evolveum/connector-scimrest
  Commit: 38b0781bf34d912afedf493db79dbc9ffde7ad95
      https://github.com/Evolveum/connector-scimrest/commit/38b0781bf34d912afedf493db79dbc9ffde7ad95
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-24 (Fri, 24 Apr 2026)

  Changed paths:
    A common/src/main/java/com/evolveum/polygon/scimrest/api/AuthorizationCustomizer.java
    A common/src/main/java/com/evolveum/polygon/scimrest/api/HttpRequestConverter.java
    A common/src/main/java/com/evolveum/polygon/scimrest/api/HttpRequestDTO.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AbstractGroovyRestConnector.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AuthorizationCustomizationBuilderImpl.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/ConnectorContext.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/DispatchingAuthorizationCustomizer.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/EndpointBasedSearchBuilder.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/FilterToRequestMapper.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/PagingHandler.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/RestHandlerBuilder.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/RestSearchOperationHandler.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/RestUpdateOperationBuilderImpl.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/api/AuthenticationCustomizationBuilder.java
    A common/src/main/java/com/evolveum/polygon/scimrest/groovy/api/HttpVersion.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/api/RestSearchEndpointBuilder.java
    A common/src/main/java/com/evolveum/polygon/scimrest/impl/rest/JdkHttpRequestConverter.java
    M common/src/main/java/com/evolveum/polygon/scimrest/impl/rest/OAuth2TokenManager.java
    M common/src/main/java/com/evolveum/polygon/scimrest/impl/rest/RestContext.java
    M common/src/main/java/com/evolveum/polygon/scimrest/impl/rest/RestPagingAwareObjectRetriever.java

  Log Message:
  -----------
  Introduce HttpRequestDTO and HttpRequestConverter for clean HTTP abstraction

Replaces the ad-hoc RequestBuilder inner class with a protocol-agnostic
HttpRequestDTO data carrier and an HttpRequestConverter<T> functional
interface, implemented by JdkHttpRequestConverter for java.net.http.
Adds AuthorizationCustomizer<C> generic interface and HttpVersion enum
(independent of java.net.http) to complete the api-layer contract.

  Commit: 849ce9fa7a0d87633e4a3c357826ae9e2f574ad3
      https://github.com/Evolveum/connector-scimrest/commit/849ce9fa7a0d87633e4a3c357826ae9e2f574ad3
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-24 (Fri, 24 Apr 2026)

  Changed paths:
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AuthorizationCustomizationBuilderImpl.java
    A common/src/main/java/com/evolveum/polygon/scimrest/groovy/GroovyOAuth2TokenManager.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/api/AuthenticationCustomizationBuilder.java
    M common/src/main/java/com/evolveum/polygon/scimrest/impl/rest/OAuth2Context.java
    A common/src/test/java/com/evolveum/polygon/scimrest/exception/OAuth2GroovyHookTests.java

  Log Message:
  -----------
  Add Groovy hook support for OAuth2 token lifecycle customization

Introduces GroovyOAuth2TokenManager extending OAuth2TokenManager with
four hook points (buildTokenRequest, parseTokenResponse, validateToken,
applyToken) that can be configured via Groovy scripts using the new
oauth2 { } block in the authentication DSL.

Adds getAt/putAt to OAuth2Context for idiomatic Groovy [] operator access
to the shared context state across hook stages.

  Commit: 07d6645c6a62fcb83758ca1b417f684628123f84
      https://github.com/Evolveum/connector-scimrest/commit/07d6645c6a62fcb83758ca1b417f684628123f84
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-24 (Fri, 24 Apr 2026)

  Changed paths:
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AbstractGroovyRestConnector.java
    M common/src/main/java/com/evolveum/polygon/scimrest/schema/RestSchemaBuilder.java

  Log Message:
  -----------
  Fix initialization order so authentication is configured before SCIM discovery

Groovy scripts register authentication in initializeObjectClassHandler(), so handlers
must be built before REST and SCIM clients are initialized. Previously, SCIM discovery
made HTTP calls before any authentication was in place.

Also split SCIM contributions into two phases: schema contribution happens before the
single schema build, handler contribution happens after — so context.schema() is
available when ScimContext.contributeToHandlers() resolves object classes.

  Commit: 5506693d09e0fa4a87be65e74a8169e076af0721
      https://github.com/Evolveum/connector-scimrest/commit/5506693d09e0fa4a87be65e74a8169e076af0721
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-26 (Sun, 26 Apr 2026)

  Changed paths:
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AbstractGroovyRestConnector.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AuthorizationCustomizationBuilderImpl.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/ConnectorContext.java
    A common/src/main/java/com/evolveum/polygon/scimrest/groovy/DispatchingScimAuthorizationCustomizer.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/RestHandlerBuilder.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/api/AuthenticationCustomizationBuilder.java
    A common/src/main/java/com/evolveum/polygon/scimrest/impl/scim/JerseyRequestCustomizerFilter.java
    M common/src/main/java/com/evolveum/polygon/scimrest/impl/scim/ScimContext.java

  Log Message:
  -----------
  Add scim{} DSL auth block and wire ScimContext with AuthorizationCustomizer<ScimClientConfiguration>

- ScimContext now receives AuthorizationCustomizer<ScimClientConfiguration> instead of
  hardcoded bearer token handling; auth applied via JerseyRequestCustomizerFilter
- Add JerseyRequestCustomizerFilter implementing ClientRequestFilter — applies headers,
  query params, method and body from HttpRequestDTO to Jersey ClientRequestContext
- Add DispatchingScimAuthorizationCustomizer with first-match dispatch by config type
- Register default handlers for ScimClientConfiguration.BearerToken and HttpBasic
  in AuthorizationCustomizationBuilderImpl
- Expose scim{} DSL block (ScimBuilder) in AuthenticationCustomizationBuilder
  with bearer() and httpBasic() convenience methods

  Commit: c2d6121a0b0057a130a61db118eac56788ce1d81
      https://github.com/Evolveum/connector-scimrest/commit/c2d6121a0b0057a130a61db118eac56788ce1d81
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-27 (Mon, 27 Apr 2026)

  Changed paths:
    M common/src/main/java/com/evolveum/polygon/scimrest/config/ScimClientConfiguration.java

  Log Message:
  -----------
  Align ScimClientConfiguration.OAuth2Authorization with RestClientConfiguration.OAuth2Authorization

Rename OAuthGrant to OAuth2Authorization for consistency and add missing
fields: tokenUrl, grantType (with client_credentials default), privateKey.

  Commit: 3ade5fe87d49cca9bd446bf54e73c5ae618fff3b
      https://github.com/Evolveum/connector-scimrest/commit/3ade5fe87d49cca9bd446bf54e73c5ae618fff3b
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-27 (Mon, 27 Apr 2026)

  Changed paths:
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AuthorizationCustomizationBuilderImpl.java
    M common/src/main/java/com/evolveum/polygon/scimrest/impl/rest/OAuth2Context.java
    M common/src/main/java/com/evolveum/polygon/scimrest/impl/rest/OAuth2TokenManager.java
    M common/src/test/java/com/evolveum/polygon/scimrest/exception/OAuth2GroovyHookTests.java
    A common/src/test/java/com/evolveum/polygon/scimrest/exception/OAuth2ManualIntegrationTest.java

  Log Message:
  -----------
  Introduce OAuth2Context.Config to decouple token manager from config interfaces

Add nested Config record to OAuth2Context with factory methods for both
RestClientConfiguration.OAuth2Authorization and ScimClientConfiguration.OAuth2Authorization.
Refactor OAuth2TokenManager to accept OAuth2Context.Config instead of
RestClientConfiguration.OAuth2Authorization directly.

  Commit: 4ede93347788f985fafeed07cdfac697e6910554
      https://github.com/Evolveum/connector-scimrest/commit/4ede93347788f985fafeed07cdfac697e6910554
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-27 (Mon, 27 Apr 2026)

  Changed paths:
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/AuthorizationCustomizationBuilderImpl.java
    M common/src/main/java/com/evolveum/polygon/scimrest/groovy/api/AuthenticationCustomizationBuilder.java
    A common/src/test/java/com/evolveum/polygon/scimrest/exception/ScimOAuth2ClientCredentialsTests.java
    A common/src/test/java/com/evolveum/polygon/scimrest/exception/ScimOAuth2GroovyHookTests.java

  Log Message:
  -----------
  Add OAuth2 support for SCIM authentication via Groovy DSL

Register ScimClientConfiguration.OAuth2Authorization handler in scimDispatcher
using OAuth2Context.Config. Add scim { oauth2 { ... } } DSL block with separate
GroovyOAuth2TokenManager instance for SCIM, parallel to rest { oauth2 { ... } }.
Add ScimOAuth2ClientCredentialsTests and ScimOAuth2GroovyHookTests covering token
fetch, reuse, correct request parameters, and all four hook points.

  Commit: ee94ff7ea38a5711a3ded240ba269a437e0d90c2
      https://github.com/Evolveum/connector-scimrest/commit/ee94ff7ea38a5711a3ded240ba269a437e0d90c2
  Author: Jan Kamenicky <jan.kamenicky at evolveum.com>
  Date:   2026-04-27 (Mon, 27 Apr 2026)

  Changed paths:
    A common/src/test/java/com/evolveum/polygon/scimrest/exception/AbstractOAuth2Tests.java
    A common/src/test/java/com/evolveum/polygon/scimrest/exception/AbstractScimOAuth2Tests.java
    M common/src/test/java/com/evolveum/polygon/scimrest/exception/OAuth2ClientCredentialsTests.java
    M common/src/test/java/com/evolveum/polygon/scimrest/exception/OAuth2GroovyHookTests.java
    M common/src/test/java/com/evolveum/polygon/scimrest/exception/OAuth2JwtBearerTests.java

  Log Message:
  -----------
  Refactor OAuth2 tests to use common base classes

Introduce AbstractOAuth2Tests and AbstractScimOAuth2Tests to provide a shared
foundation for OAuth2 related test cases. Migrate existing tests to utilize
these base classes to eliminate duplication in WireMock stubbing and
connector initialization logic.

Compare: https://github.com/Evolveum/connector-scimrest/compare/1bf060d9b8e3...ee94ff7ea38a

To unsubscribe from these emails, change your notification settings at https://github.com/Evolveum/connector-scimrest/settings/notifications